Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

Hi All,

Has anyone notice an issue with the Osquery `iptables` virtual table returning nothing ? I've dug into the source code and have a potential theory why this issues exists, but also wanted to reach out here incase anyone has seen this "gotcha". ?

<@U04TLGLPKV2> no difference :disappointed:

Ubuntu 22.04 iptables uses the iptables-nft mode inside it. we have to use the iptables-legacy mode.

<@U3TNCHLSY> take this as a reference it worked for me

<https://www.danami.com/clients/knowledgebase/194/How-can-I-switch-back-to-iptables-from-nftables-after-upgrading-to-Ubuntu.html?language=english>

Please ask questions in one place. I answered this elsewhere. But as Pankaj said, you need the iptables compatibility shim. 